sentinel-scanner 2.4.1 → 2.5.0

package/docs/sql-injection/details.md

@@ -1,109 +0,0 @@
----
-layout: default
-title: Sentinel by Rebackk | SQL Injection Details
----
-### **Understanding SQL Injection (SQLi): Protecting Your Web Applications**
-
-#### **Introduction**
-SQL Injection (SQLi) is one of the most dangerous and prevalent web vulnerabilities, regularly appearing on the OWASP Top Ten list. Attackers exploit SQLi to manipulate backend databases through malicious SQL queries. By injecting malicious code into a website's input fields or URL parameters, attackers can view, modify, or delete data, potentially leading to significant security breaches. In this guide, we’ll explore what SQL Injection is, the different types of SQLi attacks, real-world examples, and how you can protect your applications using Rebackk's Sentinel tool.
-
----
-
-### **What is SQL Injection (SQLi)?**
-SQL Injection is a vulnerability that allows attackers to interfere with the queries your application sends to its database. By injecting malicious SQL code into input fields (like login forms, search bars, or URL parameters), attackers can manipulate or extract sensitive data, bypass authentication, or even execute administrative database commands.
-
-#### **Types of SQL Injection Attacks**
-1. **In-band SQLi (Classic SQLi)**:  
-   This is the most common form of SQLi. The attacker uses the same communication channel to both launch the attack and gather results, such as through error messages or retrieving data from the database.
-
-2. **Blind SQLi**:  
-   In this type of attack, the attacker does not get the results directly. Instead, they infer the presence of vulnerabilities based on the application's behavior (e.g., timing or changes in responses). Blind SQLi is more difficult to detect but still dangerous.
-
-   - **Boolean-based Blind SQLi**: The attacker sends a query that forces the application to return different results depending on the condition (true or false).
-   - **Time-based Blind SQLi**: The attacker induces a delay in the database response, which helps infer whether the query is correct.
-
-3. **Out-of-Band SQLi**:  
-   This type of SQLi is rare but sophisticated. The attacker relies on the server’s ability to make DNS or HTTP requests to a remote server. Results are retrieved through these external channels, such as by creating DNS requests or HTTP responses.
-
----
-
-### **How SQL Injection Works: A Real-World Example**
-
-Consider a user visiting a login page with a vulnerable form. If the application doesn’t properly sanitize user input, an attacker could enter the following SQL code in the username or password field:
-
-```sql
-' OR 1=1 --
-```
-
-This could turn the SQL query into:
-
-```sql
-SELECT * FROM users WHERE username = '' OR 1=1 --' AND password = 'userpassword';
-```
-
-Since `1=1` is always true, the query would return all records in the database, potentially allowing the attacker to bypass authentication and gain unauthorized access to the system.
-
----
-
-### **How to Detect SQL Injection Vulnerabilities**
-Using **Sentinel**, Rebackk’s AI-powered vulnerability scanner, you can easily detect SQL Injection vulnerabilities in your web applications. Here’s how to use it:
-
-1. **Run a Scan**:
-   ```bash
-   npx sentinel-scanner sqli -s <path_to_spider_results>
-   ```
-2. **Analyze the Results**:
-   - Sentinel generates a detailed report, highlighting any SQLi vulnerabilities detected in your web application.
-   - It offers actionable recommendations to fix the vulnerabilities.
-
----
-
-### **Best Practices for Preventing SQL Injection Attacks**
-
-1. **Use Prepared Statements (Parameterized Queries)**:
-   - Prepared statements ensure that user inputs are treated as data and not executable code. This is the most effective way to prevent SQLi.
-   
-   Example (in PHP with PDO):
-   ```php
-   $stmt = $pdo->prepare('SELECT * FROM users WHERE username = :username');
-   $stmt->execute(['username' => $userInput]);
-   ```
-
-2. **Sanitize and Escape User Inputs**:
-   - Use input validation and sanitization to ensure that data entered by users is safe.
-   - Use functions like `mysqli_real_escape_string` (in PHP) to escape dangerous characters.
-
-3. **Use ORM (Object-Relational Mapping) Frameworks**:
-   - ORM libraries automatically handle query generation, reducing the risk of SQLi by using parameterized queries behind the scenes.
-
-4. **Limit Database Permissions**:
-   - Ensure that the database account used by the web application has the least amount of privilege necessary to function. For example, avoid using an admin account for web application queries.
-
-5. **Error Handling**:
-   - Avoid exposing detailed database error messages to users. Use generic error messages to prevent attackers from gaining insight into your database structure.
-
-6. **Implement Web Application Firewalls (WAF)**:
-   - A WAF can help detect and block malicious SQLi attempts before they reach your application.
-
----
-
-### **Using Rebackk’s Sentinel for Continuous Security**
-With Sentinel’s automated scanning, you can set up continuous monitoring to detect SQL Injection vulnerabilities before attackers exploit them.
-
-**Key Features**:
-- **AI-Powered Analysis**: Quickly scans your web apps for SQLi vulnerabilities.
-- **Detailed Reports**: Provides step-by-step guides on how to fix detected issues.
-- **OWASP Top Ten Coverage**: Ensures protection against common vulnerabilities like SQLi, XSS, and more.
-
----
-
-### **Conclusion**
-SQL Injection remains one of the most critical vulnerabilities in web applications, but by applying best practices and using tools like Rebackk’s Sentinel, you can protect your application from these dangerous attacks. Regularly scan your applications, sanitize inputs, and implement security best practices to stay ahead of attackers.
-
-Start securing your applications today with **Sentinel**. Visit [Rebackk](https://rebackk.xyz) to learn more and try it for free.
-
----
-
-#### **Additional Resources**
-- [OWASP SQL Injection Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)
-- [Sentinel Web App Scanner Documentation](https://rebackkhq.github.io/webapp-scanner/)

package/docs/sql-injection/index.md

@@ -1,73 +0,0 @@
----
-layout: default
-title: Sentinel by Rebackk | SQLi Scanner
----
-## Sentinel by Rebackk | SQLi Scanner Intro
-
-# 🛡️ SQLi Scanner
-
-A powerful SQL Injection (SQLi) vulnerability scanner that uses the output from a Spider crawler to identify SQL Injection vulnerabilities on each page of a website. It supports concurrency, retries, and customizable timeouts, ensuring efficient and thorough scanning.
-
-## Features
-
-- **Leverages Spider Results**: Uses URLs collected by the Spider tool to perform targeted SQL Injection scanning.
-- **Customizable Concurrency**: Supports multiple requests in parallel to speed up the scanning process.
-- **Retries on Failure**: Automatically retries failed requests to ensure reliable results.
-- **Timeout Handling**: Configurable timeout for each request to manage slow or unresponsive pages.
-- **Output in JSON Format**: Saves the scan results in a detailed and easily accessible JSON file.
-- **Command Line Interface (CLI)**: Provides a simple yet powerful CLI for quick and flexible scanning.
-
-## Installation and Usage
-
-### Using NPM Exec
-
-- Install the `sentinel-scanner` globally:
-  ```bash
-  npm install -g sentinel-scanner
-  ```
-
-- Run the **SQLi Scanner** using the Spider results:
-  ```bash
-  npx sentinel-scanner sqli -s <path_to_spider_results>
-  ```
-
-## Using PreBuilt Releases
-
-- Download the [Latest Release](https://github.com/RebackkHQ/webapp-scanner/releases/latest).
-- Extract the files.
-- Run the SQLi Scanner from the command line:
-  ```bash
-  npx . sqli -s <path_to_spider_results>
-  ```
-
-## Parameters
-
-### Options
-
-| Option             | Alias | Type     | Default                                      | Description                                                       |
-|--------------------|-------|----------|----------------------------------------------|-------------------------------------------------------------------|
-| `--spiderResults`  | `-s`  | `string` | -                                            | Path to the spider results file (**required**).                   |
-| `--output`         | `-o`  | `string` | `sentinel_output/sqliResult_<timestamp>.json` | Path to save the output JSON file.                                |
-| `--concurrency`    | `-c`  | `number` | 10                                           | Number of concurrent requests (range: 1-20).                      |
-| `--timeout`        | `-t`  | `number` | 5000 (ms)                                    | Timeout for each request in milliseconds (range: 0-25,000).       |
-| `--retries`        | `-r`  | `number` | 3                                            | Number of retries for each request (range: 0-10).                 |
-
-## Example Commands
-
-### Basic Scan
-To scan for SQL Injection vulnerabilities using Spider results:
-```bash
-npx sentinel-scanner sqli -s spiderResults.json
-```
-
-### Advanced Scan with Custom Output and Concurrency
-To scan with custom concurrency, timeout, and output path:
-```bash
-npx sentinel-scanner sqli -s spiderResults.json -c 15 -t 8000 -o ./output/sqliScanResults.json
-```
-
-### Default Output Path
-If the `--output` option is not specified, the results will be saved to:
-```
-sentinel_output/sqliResult_<timestamp>.json
-```

package/docs/xss/details.md

@@ -1,92 +0,0 @@
----
-layout: default
-title: Sentinel by Rebackk | XSS Details
----
-### **Understanding Cross-Site Scripting (XSS): Protecting Your Web Applications**
-
-#### **Introduction**
-In the age of digital transformation, web security has become a critical aspect of any business. Cross-Site Scripting (XSS) is one of the most common and dangerous vulnerabilities, frequently appearing on the OWASP Top Ten list. Attackers exploit XSS to inject malicious scripts into web applications, potentially compromising sensitive data or taking control of user sessions. In this guide, we'll explore what XSS is, its different types, real-world examples, and how you can protect your applications using Rebackk's Sentinel tool.
-
----
-
-### **What is Cross-Site Scripting (XSS)?**
-Cross-Site Scripting (XSS) is a security vulnerability that allows attackers to inject malicious scripts into otherwise trusted websites. These scripts run in the context of a user’s browser, leading to data theft, session hijacking, or defacement of web pages.
-
-#### **Types of XSS Attacks**
-1. **Stored XSS**: The malicious script is permanently stored on the target server (e.g., in a database). When users access the affected page, the script executes in their browser.
-2. **Reflected XSS**: The attacker's payload is reflected off a web server, typically in error messages or search results. The script is executed immediately when a user interacts with a specially crafted URL.
-3. **DOM-Based XSS**: The vulnerability exists in the client-side code rather than the server-side. It occurs when JavaScript modifies the DOM with untrusted data, leading to script execution.
-
----
-
-### **How XSS Works: A Real-World Example**
-
-Imagine a user visiting a website with a vulnerable comment section. If the website does not sanitize user inputs, an attacker could insert the following script:
-
-```html
-<script>alert('You have been hacked!');</script>
-```
-
-Whenever someone views the infected page, the script will execute, showing an alert box. While this example is harmless, real attacks can steal cookies, redirect users, or perform actions on behalf of the victim.
-
----
-
-### **How to Detect XSS Vulnerabilities**
-Using **Sentinel**, Rebackk’s AI-powered vulnerability scanner, you can quickly identify XSS vulnerabilities in your web applications. Here's how it works:
-
-1. **Run a Scan**:
-   ```bash
-   npx sentinel-scanner --target https://yourwebsite.com
-   ```
-2. **Analyze the Results**:
-   - Sentinel provides detailed reports highlighting any vulnerabilities found, including potential XSS issues.
-   - It offers recommendations on how to patch these vulnerabilities.
-
----
-
-### **Best Practices for Preventing XSS Attacks**
-
-1. **Input Validation and Sanitization**:
-   - Use libraries like DOMPurify to sanitize user-generated content.
-   - Avoid using `innerHTML` to insert data into the DOM. Instead, use `textContent` or safer methods.
-
-2. **Escape User Inputs**:
-   - Escape data based on the context (HTML, JavaScript, CSS, etc.).
-   - Use security headers like `Content-Security-Policy (CSP)` to prevent script execution.
-
-   ```http
-   Content-Security-Policy: script-src 'self';
-   ```
-
-3. **Implement HTTP-Only and Secure Cookies**:
-   - Use `HttpOnly` and `Secure` flags for cookies to prevent attackers from accessing session data.
-   - Example:
-     ```http
-     Set-Cookie: sessionId=abc123; HttpOnly; Secure
-     ```
-
-4. **Enable Web Application Firewalls (WAF)**:
-   - A WAF can help detect and block malicious traffic before it reaches your application.
-
----
-
-### **Using Rebackk’s Sentinel for Continuous Security**
-With Sentinel’s automated scanning, you can set up continuous monitoring to detect XSS vulnerabilities before attackers do. 
-
-**Key Features**:
-- **AI-Powered Analysis**: Quickly scans your web apps for known and emerging threats.
-- **Detailed Reports**: Provides step-by-step guides on how to fix detected issues.
-- **OWASP Top Ten Coverage**: Ensures protection against common vulnerabilities like XSS, SQL Injection, and more.
-
----
-
-### **Conclusion**
-Cross-Site Scripting remains a critical threat to web applications, but by implementing best practices and leveraging tools like Rebackk’s Sentinel, you can protect your business from potential attacks. Regularly scan your applications, enforce strong security policies, and stay ahead of the evolving threat landscape.
-
-Start your journey towards a secure web experience by trying **Sentinel for free** today. Visit [Rebackk](https://rebackk.xyz) to learn more.
-
----
-
-#### **Additional Resources**
-- [OWASP XSS Prevention Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/XSS_Prevention_Cheat_Sheet.html)
-- [Sentinel Web App Scanner Documentation](https://rebackkhq.github.io/webapp-scanner/)

package/docs/xss/index.md

@@ -1,73 +0,0 @@
----
-layout: default
-title: Sentinel by Rebackk | XSS Scanner
----
-## Sentinel by Rebackk | XSS Scanner Intro
-
-# 🛡️ XSS Scanner
-
-A robust XSS vulnerability scanner that leverages the output from the Spider crawler to identify Cross-Site Scripting (XSS) vulnerabilities on each page of a website. It supports concurrency, retries, and configurable timeouts, ensuring efficient and thorough scanning.
-
-## Features
-
-- **Leverages Spider Results**: Uses URLs collected by the Spider tool to perform targeted XSS scanning.
-- **Customizable Concurrency**: Supports multiple requests in parallel to accelerate scanning.
-- **Retries on Failure**: Automatically retries failed requests to ensure reliable results.
-- **Timeout Handling**: Configurable timeout for each request to manage slow responses.
-- **Output in JSON Format**: Saves the scan results in a detailed JSON file.
-- **Command Line Interface (CLI)**: Provides a simple yet powerful CLI for quick scans.
-
-## Installation and Usage
-
-### Using NPM Exec
-
-- Install the `sentinel-scanner` globally:
-  ```bash
-  npm install -g sentinel-scanner
-  ```
-
-- Run the **XSS Scanner** using the Spider results:
-  ```bash
-  npx sentinel-scanner xss -s <path_to_spider_results>
-  ```
-
-## Using PreBuilt Releases
-
-- Download the [Latest Release](https://github.com/RebackkHQ/webapp-scanner/releases/latest).
-- Extract the files.
-- Run the XSS Scanner from the command line:
-  ```bash
-  npx . xss -s <path_to_spider_results>
-  ```
-
-## Parameters
-
-### Options
-
-| Option             | Alias | Type     | Default                                      | Description                                                      |
-|--------------------|-------|----------|----------------------------------------------|------------------------------------------------------------------|
-| `--spiderResults`  | `-s`  | `string` | -                                            | Path to the spider results file (**required**).                  |
-| `--output`         | `-o`  | `string` | `sentinel_output/xssResult_<timestamp>.json` | Path to save the output JSON file.                               |
-| `--concurrency`    | `-c`  | `number` | 10                                           | Number of concurrent requests (range: 1-20).                     |
-| `--timeout`        | `-t`  | `number` | 5000 (ms)                                    | Timeout for each request in milliseconds (range: 0-25,000).      |
-| `--retries`        | `-r`  | `number` | 3                                            | Number of retries for each request (range: 0-10).                |
-
-## Example Commands
-
-### Basic Scan
-To scan for XSS vulnerabilities using Spider results:
-```bash
-npx sentinel-scanner xss -s spiderResults.json
-```
-
-### Advanced Scan with Custom Output and Concurrency
-To scan with custom concurrency, timeout, and output path:
-```bash
-npx sentinel-scanner xss -s spiderResults.json -c 15 -t 8000 -o ./output/xssScanResults.json
-```
-
-### Default Output Path
-If the `--output` option is not specified, the results will be saved to:
-```
-sentinel_output/xssResult_<timestamp>.json
-```

package/scripts/extras/document-shim.js

@@ -1,4 +0,0 @@
-import { JSDOM } from "jsdom"
-
-const dom = new JSDOM(`<!DOCTYPE html><p>Hello world</p>`)
-global.document = dom.window.document

package/src/bin.ts

@@ -1,29 +0,0 @@
-#!/usr/bin/env node --no-warnings
-
-import yargs from "yargs";
-import { hideBin } from "yargs/helpers";
-import { headerCommand } from "./commands/header.js";
-import { portsCommand } from "./commands/ports.js";
-import { spiderCommand } from "./commands/spider.js";
-import { sqliCommand } from "./commands/sqli.js";
-import { xssCommand } from "./commands/xss.js";
-
-const commandHandler = yargs(hideBin(process.argv));
-
-commandHandler.demandCommand();
-commandHandler.scriptName("sentinel-scanner");
-commandHandler.usage("Usage: $0 <command> [options]");
-commandHandler.help().alias("help", "h");
-commandHandler.version().alias("version", "v");
-commandHandler.strict();
-commandHandler.showHelpOnFail(true);
-
-// Handle Commands
-commandHandler.command(spiderCommand);
-commandHandler.command(xssCommand);
-commandHandler.command(headerCommand);
-commandHandler.command(sqliCommand);
-commandHandler.command(portsCommand);
-
-commandHandler.version().alias("version", "v");
-commandHandler.parse();

package/src/commands/header.ts

@@ -1,150 +0,0 @@
-import fs from "node:fs/promises";
-import path from "node:path";
-import type { ArgumentsCamelCase, CommandModule } from "yargs";
-import { HeaderScanner, XSSScanner } from "../index.js";
-import { createLogger } from "../utils/index.js";
-
-export type HeaderScannerCLIOpts = {
-	spiderResults: string;
-	retries?: number;
-	timeout?: number;
-	concurrency?: number;
-	output?: string;
-};
-
-const cliLogger = createLogger("CLI");
-
-export const headerCommand: CommandModule = {
-	command: "header",
-	describe:
-		"Check a website for Header vulnerabilities. Checks for security and information leak headers",
-	builder: (yargs) => {
-		return yargs
-			.option("spiderResults", {
-				alias: "s",
-				type: "string",
-				description:
-					"The spider results file to use for scanning. It will use the URLs from the spider results to scan for header vulnerabilities",
-				demandOption: true,
-				coerce: (url) => {
-					if (!path.isAbsolute(url)) {
-						return path.resolve(url);
-					}
-					return url;
-				},
-			})
-			.option("output", {
-				alias: "o",
-				type: "string",
-				description:
-					"The output file to write the results to. Must be a JSON file",
-				default: () => getDefaultFilePath(),
-				coerce: (output) => {
-					const resolvedPath = path.resolve(output);
-					const { ext } = path.parse(resolvedPath);
-
-					if (ext !== ".json") {
-						throw new Error("Output file must be a JSON file");
-					}
-					return resolvedPath;
-				},
-			})
-			.option("concurrency", {
-				alias: "c",
-				type: "number",
-				description: "The number of concurrent requests to make",
-				default: 10,
-				coerce: (concurrency) => {
-					if (concurrency < 1 || concurrency > 20) {
-						throw new Error("Concurrency must be between 1 and 20");
-					}
-					return concurrency;
-				},
-			})
-			.option("timeout", {
-				alias: "t",
-				type: "number",
-				description: "The timeout for each request in milliseconds",
-				default: 5000,
-				coerce: (timeout) => {
-					if (timeout < 0 || timeout > 25000) {
-						throw new Error("Timeout must be between 0 and 25,000 ms");
-					}
-					return timeout;
-				},
-			})
-			.option("retries", {
-				alias: "r",
-				type: "number",
-				description: "The number of retries for each request",
-				default: 3,
-				coerce: (retries) => {
-					if (retries < 0 || retries > 10) {
-						throw new Error("Retries must be between 0 and 10");
-					}
-					return retries;
-				},
-			});
-	},
-	handler: async (args) => {
-		try {
-			const argData = args as ArgumentsCamelCase<HeaderScannerCLIOpts>;
-			const spiderResultsPath = path.resolve(argData.spiderResults);
-
-			// Check if the spider results file exists
-			if (!(await fileExists(spiderResultsPath))) {
-				throw new Error(
-					`Spider results file not found at ${spiderResultsPath}`,
-				);
-			}
-
-			const spiderResults = JSON.parse(
-				await fs.readFile(spiderResultsPath, "utf-8"),
-			);
-
-			cliLogger.info("Starting Header scan on website");
-
-			const scanner = new HeaderScanner({
-				spiderResults,
-				concurrency: argData.concurrency ?? 10,
-				timeout: argData.timeout ?? 5000,
-				retries: argData.retries ?? 3,
-			});
-
-			const results = await scanner.scan();
-
-			const outputPath = argData.output || getDefaultFilePath();
-			await fs.writeFile(outputPath, JSON.stringify(results, null, 2));
-			cliLogger.info(`Results successfully written to ${outputPath}`);
-		} catch (error) {
-			if (error instanceof Error) {
-				cliLogger.error(`Error: ${error.message}`);
-			}
-			cliLogger.error("Failed to run XSS command");
-			process.exit(1);
-		}
-	},
-};
-
-// Utility function to check if a file exists
-const fileExists = async (filePath: string) => {
-	try {
-		await fs.access(filePath);
-		return true;
-	} catch {
-		return false;
-	}
-};
-
-// Utility function to get the default file path
-const getDefaultFilePath = () => {
-	const resolvedDir = path.resolve("sentinel_output");
-
-	// Ensure the directory exists or create it
-	fs.mkdir(resolvedDir, { recursive: true }).catch((err) => {
-		cliLogger.error(`Failed to create directory: ${err.message}`);
-		process.exit(1);
-	});
-
-	return path.resolve(resolvedDir, `headerResults_${Date.now()}.json`);
-};